<?php
$a = array();
include_once 'checkLogin.php';
include_once 'conn.php';
$carID = $_POST['carID'];
//接下来判断投票条件
//第四：新增投票限制：用户黑名单功能
//首先查询当前用户是否在黑名单中，且未解封
/*$sql = "select 1 from userfilter where userid = {$_SESSION['loggedUserID']} and expires > unix_timestamp()";*/
$sql = "select expires from userfilter where userid = {$_SESSION['loggedUserID']} and expires > " . time();
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result)){
    //说明有查询到记录
    $a['code'] = -3;
    $info = mysqli_fetch_array($result);
    $a['expires'] = date("Y-m-d H:i:s",$info['expires']);
    $a['errMsg'] = '当前用户还处于黑名单有效期内，无法投票。';
    echo json_encode($a);
    exit;
}
//第一，每一个用户当天只能给最多3辆车投票
$sql = "SELECT carID, count(carID)  FROM votedetail WHERE userID = " . $_SESSION['loggedUserID'] . " and FROM_UNIXTIME(voteTime,'%Y-%m-%d') = CURDATE() and carID != $carID GROUP BY carID ";
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result) >= 3){
    $a['code'] = -1;
    $a['errMsg'] = '每位用户每天最多只能给3辆车投票';
    echo json_encode($a);
    exit;
}
//第二，每位用户当天最多只能给同一辆车投5票
$sql = "SELECT count(1) as 票数 from votedetail WHERE userID = " . $_SESSION['loggedUserID'] . " and carID = $carID and FROM_UNIXTIME(voteTime,'%Y-%m-%d') = ". date("Y-m-d");
$result = mysqli_query($conn,$sql);
$info = mysqli_fetch_array($result);
if($info['票数'] >= 5){
    $a['code'] = -1;
    $a['errMsg'] = '每位用户每天最多只能给一辆车投5票';
    echo json_encode($a);
    exit;
}
//第三，每位用户两次投票间隔必须大于1分钟
$sql = "select id from votedetail where userID =  {$_SESSION['loggedUserID']} and (unix_timestamp() - voteTime) <= 60";
$result = mysqli_query($conn,$sql);
//$a['sql'] = $sql;
//$a['num'] = mysqli_num_rows($result);
if(mysqli_num_rows($result)){
    //说明有投票间隔小于60s的记录
    $a['code'] = -1;
    $a['errMsg'] = '两次投票间隔必须大于60秒';
    echo json_encode($a);
    exit;
}
$sql1 = "update carinfo set carNum = carNum + 1 where id = $carID";
$sql2 = "insert into votedetail (userID, carID, voteTime, ip) VALUES ('" . $_SESSION['loggedUserID'] . "','$carID','" . time() . "','" . getIp() . "')";
mysqli_autocommit($conn, 0);//取消自动提交
$result1 = mysqli_query($conn, $sql1);
//$a['sql2'] = $sql2;
$result2 = mysqli_query($conn, $sql2);
//$a['err2'] = mysqli_error($conn);
if ($result2 and $result1) {
    mysqli_commit($conn);
    $a['code'] = 1;
} else {
    mysqli_rollback($conn);
    $a['code'] = -1;
    $a['errMsg'] = '投票失败';
}
echo json_encode($a);
function getIp(){
    $ip='未知IP';
    if(!empty($_SERVER['HTTP_CLIENT_IP'])){
        return is_ip($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : $ip;
    }elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
        return is_ip($_SERVER['HTTP_X_FORWARDED_FOR'])?$_SERVER['HTTP_X_FORWARDED_FOR']:$ip;
    }else{
        return is_ip($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:$ip;
    }
}
function is_ip($str){
    $ip=explode('.',$str);
    $iMax = count($ip);
    for($i=0;$i<$iMax;$i++){
        if($ip[$i]>255){
            return false;
        }
    }
    return preg_match('/^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$/',$str);
}